1
0
Fork 0
mirror of https://github.com/imjasonh/gcloud-help synced 2026-07-19 07:15:23 +00:00

gcloud: Thu Feb 20 10:40:27 UTC 2025

This commit is contained in:
Automated 2025-02-20 10:40:27 +00:00
parent 44f319c56c
commit 8d1a988ab5
295 changed files with 11246 additions and 956 deletions

View file

@ -32,6 +32,7 @@ EXAMPLES
get-effective-firewalls example-instance --format="table(
type,
firewall_policy_name,
rule_type,
priority,
action,
direction,

View file

@ -31,6 +31,7 @@ EXAMPLES
--network=example-network --region=region-a --format="table(
type,
firewall_policy_name,
rule_type,
priority,
action,
direction,

View file

@ -22,6 +22,10 @@ GROUPS
Read and manipulate Compute Engine network firewall policy
associations.
mirroring-rules
Read and manipulate Compute Engine packet mirroring rules in network
firewall policy.
rules
Read and manipulate Compute Engine network firewall policy rules.

View file

@ -0,0 +1,96 @@
NAME
gcloud compute network-firewall-policies mirroring-rules create - creates a
Compute Engine network firewall policy packet mirroring rule
SYNOPSIS
gcloud compute network-firewall-policies mirroring-rules create PRIORITY
--action=ACTION --firewall-policy=FIREWALL_POLICY
--global-firewall-policy [--description=DESCRIPTION]
[--dest-ip-ranges=[DEST_IP_RANGE,...]] [--direction=DIRECTION]
[--[no-]disabled] [--layer4-configs=[LAYER4_CONFIG,...]]
[--security-profile-group=SECURITY_PROFILE_GROUP]
[--src-ip-ranges=[SRC_IP_RANGE,...]]
[--target-secure-tags=[TARGET_SECURE_TAGS,...]] [GCLOUD_WIDE_FLAG ...]
DESCRIPTION
gcloud compute network-firewall-policies mirroring-rules create is used to
create network firewall policy packet mirroring rules.
EXAMPLES
To create a rule with priority 10 in a global network firewall policy with
name my-policy and description example rule, run:
$ gcloud compute network-firewall-policies mirroring-rules create \
10 --firewall-policy=my-policy --action=do_not_mirror \
--description="example rule" --global-firewall-policy
POSITIONAL ARGUMENTS
PRIORITY
Priority of the rule to be inserted. Valid in [0, 65535].
REQUIRED FLAGS
--action=ACTION
Action to take if the request matches the match condition. ACTION must
be one of: mirror, do_not_mirror, goto_next.
--firewall-policy=FIREWALL_POLICY
Firewall policy ID with which to create rule.
--global-firewall-policy
Use this flag to indicate that firewall policy is global.
OPTIONAL FLAGS
--description=DESCRIPTION
An optional, textual description for the rule.
--dest-ip-ranges=[DEST_IP_RANGE,...]
Destination IP ranges to match for this rule.
--direction=DIRECTION
Direction of the traffic the rule is applied. The default is to apply
on incoming traffic. DIRECTION must be one of: INGRESS, EGRESS.
--[no-]disabled
Use this flag to disable the rule. Disabled rules will not affect
traffic. Use --disabled to enable and --no-disabled to disable.
--layer4-configs=[LAYER4_CONFIG,...]
A list of destination protocols and ports to which the firewall rule
will apply.
--security-profile-group=SECURITY_PROFILE_GROUP
A security profile group to be used with mirror action.
--src-ip-ranges=[SRC_IP_RANGE,...]
A list of IP address blocks that are allowed to make inbound
connections that match the firewall rule to the instances on the
network. The IP address blocks must be specified in CIDR format:
http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing.Either
--src-ip-ranges or --src-secure-tags must be specified for INGRESS
traffic. If both --src-ip-ranges and --src-secure-tags are specified,
the rule matches if either the range of the source matches
--src-ip-ranges or the secure tag of the source matches
--src-secure-tags.Multiple IP address blocks can be specified if they
are separated by commas.
--target-secure-tags=[TARGET_SECURE_TAGS,...]
An optional, list of target secure tags with a name of the format
tagValues/ or full namespaced name
GCLOUD WIDE FLAGS
These flags are available to all commands: --access-token-file, --account,
--billing-project, --configuration, --flags-file, --flatten, --format,
--help, --impersonate-service-account, --log-http, --project, --quiet,
--trace-token, --user-output-enabled, --verbosity.
Run $ gcloud help for details.
NOTES
These variants are also available:
$ gcloud alpha compute network-firewall-policies mirroring-rules \
create
$ gcloud beta compute network-firewall-policies mirroring-rules \
create

View file

@ -0,0 +1,48 @@
NAME
gcloud compute network-firewall-policies mirroring-rules delete - deletes a
Compute Engine network firewall policy packet mirroirng rule
SYNOPSIS
gcloud compute network-firewall-policies mirroring-rules delete PRIORITY
--firewall-policy=FIREWALL_POLICY --global-firewall-policy
[GCLOUD_WIDE_FLAG ...]
DESCRIPTION
gcloud compute network-firewall-policies mirroring-rules delete is used to
delete network firewall policy packet mirroring rules.
EXAMPLES
To delete a rule with priority 10 in a global network firewall policy with
name my-policy, run:
$ gcloud compute network-firewall-policies mirroring-rules delete \
10 --firewall-policy=my-policy --global-firewall-policy
POSITIONAL ARGUMENTS
PRIORITY
Priority of the rule to be deleted. Valid in [0, 65535].
REQUIRED FLAGS
--firewall-policy=FIREWALL_POLICY
Firewall policy ID with which to delete rule.
--global-firewall-policy
Use this flag to indicate that firewall policy is global.
GCLOUD WIDE FLAGS
These flags are available to all commands: --access-token-file, --account,
--billing-project, --configuration, --flags-file, --flatten, --format,
--help, --impersonate-service-account, --log-http, --project, --quiet,
--trace-token, --user-output-enabled, --verbosity.
Run $ gcloud help for details.
NOTES
These variants are also available:
$ gcloud alpha compute network-firewall-policies mirroring-rules \
delete
$ gcloud beta compute network-firewall-policies mirroring-rules \
delete

View file

@ -0,0 +1,49 @@
NAME
gcloud compute network-firewall-policies mirroring-rules describe -
describes a Compute Engine network firewall policy pakcet mirroring
rule
SYNOPSIS
gcloud compute network-firewall-policies mirroring-rules describe PRIORITY
--firewall-policy=FIREWALL_POLICY --global-firewall-policy
[GCLOUD_WIDE_FLAG ...]
DESCRIPTION
gcloud compute network-firewall-policies mirroring-rules describe is used
to describe network firewall policy packet mirroring rules.
EXAMPLES
To describe a rule with priority 10 in a global network firewall policy
with name my-policy, run:
$ gcloud compute network-firewall-policies mirroring-rules \
describe 10 --firewall-policy=my-policy --global-firewall-policy
POSITIONAL ARGUMENTS
PRIORITY
Priority of the rule to be described. Valid in [0, 65535].
REQUIRED FLAGS
--firewall-policy=FIREWALL_POLICY
Firewall policy ID with which to describe rule.
--global-firewall-policy
Use this flag to indicate that firewall policy is global.
GCLOUD WIDE FLAGS
These flags are available to all commands: --access-token-file, --account,
--billing-project, --configuration, --flags-file, --flatten, --format,
--help, --impersonate-service-account, --log-http, --project, --quiet,
--trace-token, --user-output-enabled, --verbosity.
Run $ gcloud help for details.
NOTES
These variants are also available:
$ gcloud alpha compute network-firewall-policies mirroring-rules \
describe
$ gcloud beta compute network-firewall-policies mirroring-rules \
describe

View file

@ -0,0 +1,41 @@
NAME
gcloud compute network-firewall-policies mirroring-rules - read and
manipulate Compute Engine packet mirroring rules in network firewall
policy
SYNOPSIS
gcloud compute network-firewall-policies mirroring-rules COMMAND
[GCLOUD_WIDE_FLAG ...]
DESCRIPTION
Read and manipulate Compute Engine packet mirroring rules in network
firewall policy.
GCLOUD WIDE FLAGS
These flags are available to all commands: --help.
Run $ gcloud help for details.
COMMANDS
COMMAND is one of the following:
create
Creates a Compute Engine network firewall policy packet mirroring rule.
delete
Deletes a Compute Engine network firewall policy packet mirroirng rule.
describe
Describes a Compute Engine network firewall policy pakcet mirroring
rule.
update
Updates a Compute Engine network firewall policy packet mirroring rule.
NOTES
These variants are also available:
$ gcloud alpha compute network-firewall-policies mirroring-rules
$ gcloud beta compute network-firewall-policies mirroring-rules

View file

@ -0,0 +1,101 @@
NAME
gcloud compute network-firewall-policies mirroring-rules update - updates a
Compute Engine network firewall policy packet mirroring rule
SYNOPSIS
gcloud compute network-firewall-policies mirroring-rules update PRIORITY
--firewall-policy=FIREWALL_POLICY --global-firewall-policy
[--action=ACTION] [--description=DESCRIPTION]
[--dest-ip-ranges=[DEST_IP_RANGE,...]] [--direction=DIRECTION]
[--[no-]disabled] [--layer4-configs=[LAYER4_CONFIG,...]]
[--new-priority=NEW_PRIORITY]
[--security-profile-group=SECURITY_PROFILE_GROUP]
[--src-ip-ranges=[SRC_IP_RANGE,...]]
[--target-secure-tags=[TARGET_SECURE_TAGS,...]] [GCLOUD_WIDE_FLAG ...]
DESCRIPTION
gcloud compute network-firewall-policies mirroring-rules update is used to
update network firewall policy packet mirroring rules.
EXAMPLES
To update a rule with priority 10 in a global network firewall policy with
name my-policy to change the action to mirror and description to new
example rule, run:
$ gcloud compute network-firewall-policies mirroring-rules update \
10 --firewall-policy=my-policy --action=mirror \
--description="new example rule"
POSITIONAL ARGUMENTS
PRIORITY
Priority of the rule to be updated. Valid in [0, 65535].
REQUIRED FLAGS
--firewall-policy=FIREWALL_POLICY
Firewall policy ID with which to update rule.
--global-firewall-policy
Use this flag to indicate that firewall policy is global.
OPTIONAL FLAGS
--action=ACTION
Action to take if the request matches the match condition. ACTION must
be one of: mirror, do_not_mirror, goto_next.
--description=DESCRIPTION
An optional, textual description for the rule.
--dest-ip-ranges=[DEST_IP_RANGE,...]
Destination IP ranges to match for this rule.
--direction=DIRECTION
Direction of the traffic the rule is applied. The default is to apply
on incoming traffic. DIRECTION must be one of: INGRESS, EGRESS.
--[no-]disabled
Use this flag to disable the rule. Disabled rules will not affect
traffic. Use --disabled to enable and --no-disabled to disable.
--layer4-configs=[LAYER4_CONFIG,...]
A list of destination protocols and ports to which the firewall rule
will apply.
--new-priority=NEW_PRIORITY
New priority for the rule to update. Valid in [0, 65535].
--security-profile-group=SECURITY_PROFILE_GROUP
A security profile group to be used with mirror action.
--src-ip-ranges=[SRC_IP_RANGE,...]
A list of IP address blocks that are allowed to make inbound
connections that match the firewall rule to the instances on the
network. The IP address blocks must be specified in CIDR format:
http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing.Either
--src-ip-ranges or --src-secure-tags must be specified for INGRESS
traffic. If both --src-ip-ranges and --src-secure-tags are specified,
the rule matches if either the range of the source matches
--src-ip-ranges or the secure tag of the source matches
--src-secure-tags.Multiple IP address blocks can be specified if they
are separated by commas.
--target-secure-tags=[TARGET_SECURE_TAGS,...]
An optional, list of target secure tags with a name of the format
tagValues/ or full namespaced name
GCLOUD WIDE FLAGS
These flags are available to all commands: --access-token-file, --account,
--billing-project, --configuration, --flags-file, --flatten, --format,
--help, --impersonate-service-account, --log-http, --project, --quiet,
--trace-token, --user-output-enabled, --verbosity.
Run $ gcloud help for details.
NOTES
These variants are also available:
$ gcloud alpha compute network-firewall-policies mirroring-rules \
update
$ gcloud beta compute network-firewall-policies mirroring-rules \
update

View file

@ -27,6 +27,7 @@ EXAMPLES
--format="table(
type,
firewall_policy_name,
rule_type,
priority,
action,
direction,

View file

@ -58,7 +58,7 @@ FLAGS
--network-ddos-protection=NETWORK_DDOS_PROTECTION
The DDoS protection level for network load balancing and instances with
external IPs. NETWORK_DDOS_PROTECTION must be one of: STANDARD,
ADVANCED.
ADVANCED, ADVANCED_PREVIEW.
--recaptcha-redirect-site-key=RECAPTCHA_REDIRECT_SITE_KEY
The reCAPTCHA site key to be used for rules using the redirect action